CVSS: 5.5EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34376
https://notcve.org/view.php?id=CVE-2022-34376
Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.0EPSS: 0%CPEs: 40EXPL: 0CVE-2022-22558
https://notcve.org/view.php?id=CVE-2022-22558
Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service. La BIOS del servidor Dell PowerEdge y la BIOS de la estación de trabajo Dell Precision 7910 y 7920 para rack contienen una vulnerabilidad de verificación del búfer de comunicación SMM inadecuada. Un atacante local con altos privilegios podría explotar potencialmente esta vulnerabilidad que conduce a escrituras arbitrarias o a la denegación de servicio • https://www.dell.com/support/kbdoc/000197971 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 62EXPL: 0CVE-2021-21557
https://notcve.org/view.php?id=CVE-2021-21557
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode. Dell PowerEdge Server BIOS y select Dell Precision Rack BIOS contienen una vulnerabilidad de acceso a la matriz fuera de límites. Un usuario local malicioso con privilegios elevados puede explotar potencialmente esta vulnerabilidad, conllevando una denegación de servicio, ejecución de código arbitrario o divulgación de información en el Modo de Administración del Sistema • https://www.dell.com/support/kbdoc/000187958 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •